sudo (“superuser do”) is nothing but a tool for Linux or Unix-like systems to run commands/programs as another user. Typically as a root user or another user. You can delegate common tasks such as reboot the server or restart the Apache or make a backup using sudo for unprivileged users. By default, sudo needs that a user authenticates using a password before running a command. Some times you may need to run a command with root privileges, but you do not want to type a password using sudo command. This is useful for scripting or any other purpose. This can be achieved by editing /etc/sudoers file and setting up correct entries. You need to consider any security consequence of allowing a sudo command execute without a password.
|Requirements||sudo on Linux or Unix/BSD/macOS|
How to to run sudo command without a password:
- Backup your /etc/sudoers file by typing the following command:
sudo cp /etc/sudoers /root/sudoers.bak
- Edit the /etc/sudoers file by typing the visudo command:
- Append/edit the line as follows in the /etc/sudoers file for user named ‘vivek’ to run ‘/bin/kill’ and ‘systemctl’ commands:
vivek ALL = NOPASSWD: /bin/systemctl restart httpd.service, /bin/kill
- Save and exit the file.
How do I execute ALL sudo commands without password?
Type the following command as root user:
$ sudo visudo
Append the following entry to run ALL command without a password for a user named tom:
tom ALL=(ALL) NOPASSWD:ALL
Here is my sample config file:
marlena ALL = NOPASSWD: /bin/systemctl restart nginx.service
Save and close the file. Now you can run any command as root user:
$ sudo /etc/init.d/nginx restart
$ sudo /sbin/reboot
$ sudo apt-get install htop
## get root shell ##
$ sudo -i
Please make sure only tom can login via ssh keys.
How do I test it?
Simply run /bin/kill to kill any process without a password:
[vivek@server ]$ sudo /bin/kill pid-here
[vivek@server ]$ sudo /bin/systemctl restart httpd.service
You learned how to run a command without a password when using sudo on Linux or Unix-like systems. There is a significant security risk associated with passwordless operations. Hence, I would strongly recommend NOT doing this, but as they say, “it is not UNIX’s job to stop you from shooting your foot. If you so choose to do so, then UNIX’s job is to deliver Mr. Bullet to Mr. Foot in the most efficient way it knows.” For more info read man pages:
🐧 15 comments so far... add one ↓
|Category||List of Unix and Linux commands|
|Firewall||Alpine Awall • CentOS 8 • OpenSUSE • RHEL 8 • Ubuntu 16.04 • Ubuntu 18.04 • Ubuntu 20.04|
|Network Utilities||dig • host • ip • nmap|
|OpenVPN||CentOS 7 • CentOS 8 • Debian 10 • Debian 8/9 • Ubuntu 18.04 • Ubuntu 20.04|
|Package Manager||apk • apt|
|Processes Management||bg • chroot • cron • disown • fg • jobs • killall • kill • pidof • pstree • pwdx • time|
|Searching||grep • whereis • which|
|User Information||groups • id • lastcomm • last • lid/libuser-lid • logname • members • users • whoami • who • w|
|WireGuard VPN||Alpine • CentOS 8 • Debian 10 • Firewall • Ubuntu 20.04|